What’s New in Fiddler 2.4.4.5

A new version of Fiddler (2.4.4.5/4.4.4.5) has been released and is now available for download. As always, this new version contains many bugfixes, and introduces both new features and feature enhancements. Read on for more details.

Performance Improvements

Over the past several months, many hidden changes have been made to improve Fiddler’s performance, particularly when dealing with a large number of Sessions.

Fiddler startup and shutdown are now faster than ever

Fiddler processes Sessions more quickly after it launches

Fiddler reuses sockets more intelligently; “primed” sockets are reused first for improved performance

Invoking functions in FiddlerScript is now as fast as an equivalent FiddlerExtension built in .NET

The Run Filterset now command on the Filters tab is now significantly faster

When your session list is large, bulk deleting Sessions takes under 1% of the time it required in prior versions

Fiddler now uses slightly less memory and CPU

Editing huge responses in the HexView inspector uses far less memory and is much faster

Switching the active tab in Fiddler is now up to 100ms faster

While most of these changes are small, the result is a more productive and pleasant debugging experience.

User Interface Tweaks

Fiddler’s UI has continued to evolve to make it simpler to accomplish common tasks.

Session List

Within Fiddler’s Web Sessions list, you can simply Alt+Click within any cell to select all rows that have a matching value in that cell.

Tap the minus key to strike out any Session, and hit Alt+Minus to select all Sessions that have been struck out.

Column Customization

The Column customization support first launched in version 2.4.3 has been enhanced. When you display the Customize Columns screen (by right-clicking the column headers and choosing Customize Columns):

… the Collections dropdown includes a new option titled Miscellaneous. The Miscellaneous collection includes new datapoints which you may find helpful:

RequestMethod

The HTTP Method (e.g. “POST” from the request line.

RequestSize

The complete size of the HTTP Request, including headers and body.

RequestBodySize

The size of the HTTP body (excluding the preceding headers).

ResponseSize

The complete size of the HTTP Response, including headers and body.

ResponseStatusText

The “status text” portion of the HTTP response. For instance, for a HTTP/200 response, this column will typically display “OK”.

ResponseStreamed

Indicates if the HTTP response was streamed to the client.

SentToGateway

Indicates if the request was sent to an upstream gateway proxy.

ClientPipeReuse

Indicates if the request was received on a reused connection from the client.

ServerPipeReuse

Indicates if the request was sent on a reused connection to the server.

ImageDimensions

The width and height of an image response (e.g. 120, 100).

PixelCount

The number of pixels contained in an image response (e.g. 12000).

AspectRatio

The aspect ratio of an image response (e.g. 1.20).

Options Dialog

The enhanced FiddlerOptions dialog, accessed from the Tools menu, exposes several settings which were previously hidden.

First, the new Gateway tab allows you to easily configure how Fiddler accesses the Internet. By default, Fiddler will continue to adopt the Internet Explorer proxy settings on startup, but if you’d like, you can configure Fiddler to autodetect a proxy, use a specific proxy, or use no proxy at all. If your needs are more complicated, you can continue to use FiddlerScript to adjust the bBypassGateway property on the Session object, or set its X-OverrideGateway flag.

The Enable high-resolution timers checkbox on the General tab enables you to configure Fiddler to instruct Windows to use timers with 1 millisecond resolution, instead of the default 15.6 millisecond resolution. While this option improves the accuracy of timestamps recorded by Fiddler, the use of higher-frequency timers decreases mobile PCs’ battery life, so this option remains off by default.

Timeline Tab

I’ve made several minor tweaks to the Timeline tab. You can now Shift+Click on any entry in the waterfall to inspect the selected Session in a new window. Clicking the title text now opens a context menu that permits changing the display mode and other options.

Automatic Authentication with Kerberos

Fiddler’s Composer tab has the option to automatically authenticate to servers and the X-AutoAuth Session Flag can similarly be used to handle authentication to secure servers when the Extended Protection / Channel Binding Tokens feature is in use. However, we recently discovered that in many cases Kerberos Authentication wasn’t happening properly due to a failure to correctly set the Subject Principal Name (SPN) when constructing the Kerberos ticket request. This bug went undiscovered for a long time because Kerberos authentication usually takes place inside a Negotiate protocol that falls back to NTLM upon failure

This bug is now fixed, and Fiddler should now correctly authenticate using Kerberos, where possible.

If you find that you need to configure Kerberos authentication behavior, new Preferences are available. The fiddler.auth.SPNIncludesPort boolean preference defaults to False. When set to True, the SPN will include the port of the target service (if it’s not 80 or 443). The fiddler.auth.SPNMode integer controls how Fiddler constructs the SPN; the following values are supported:

0 –Disable setting of SPN

1 – Use hostname from the URL as the SPN target

2 – Use the target server’s canonical name as the SPN target, if the hostname is dotless; otherwise use the hostname from the URL

3 – (Default) Use the target server’s canonical name as the SPN target

If your SPN-setting needs are more complicated, you can also manually specify the SPN used in automatic authentication by specifying the SPN by setting the Session’s X-AutoAuth-SPN flag.

WebSockets

Fiddler’s HTML5 WebSockets support continues to grow; Fiddler extensions can now capture and manipulate WebSocket messages by handling the FiddlerApplication.OnWebSocketMessage event.

In preparation for a full-featured WebSockets UI, Fiddler no longer spews WebSocket messages to the Log tab. If you’d like to re-enable that behavior until the full UI is available, you can do so using FiddlerScript. Simply click Rules > Customize Rules and add the following function inside your Handlers class.

You can use these methods when generating new requests or responses, or if you want to add mock sessions to the Web Sessions list. For instance, the following function allows you to Paste JSON from your clipboard into Fiddler as a new well-formed Web Session, ready for display by the JSON inspector:

Additionally, a new RequestMethod property was added to the Session object (to avoid having to type oSession.oRequest.headers.HTTPMethod).

Fiddler Extension developers can now more easily debug their Inspector objects; Fiddler now loads Inspectors from the \Documents\Fiddler2\Inspectors path in addition to the path under \Program Files\.

ImageView Tools

As I announced back in January, Fiddler’s ImageView Inspector is now more powerful than ever, and with the latest Fiddler update, it can be extended to interoperate with other tools. You can easily use the Inspector’s context menu to send images to other applications for deeper analysis, optimization, or other processing:

To populate the Tools menu, create a registry key named ImagesMenuExt and under it add a subkey naming your tool. Provide Command, Parameters, and optionally Types keys that specify how to launch the tool and for which types it is relevant.

Keyboard Enhancements

Fiddler was developed by a keyboard lover, and I remain dedicated to ensuring that Fiddler can be quickly and efficiently driven by keyboard input.

QuickExec Enhancements

The QuickExec box under Fiddler’s Web Sessions list is one of Fiddler’s most-powerful and most-overlooked features. This feature was significantly updated in this release, including enhanced AutoComplete. You can type a partial command and use the up and down arrow keys to scroll between matching commands in your history, or hit ALT+L to list all matches in a menu. The Tab and Shift+Tab keystrokes allow you to quickly navigate between text in the box, and SmartPaste allows you to easily paste file paths (hit CTRL+C on any file in Windows Explorer) to the box.

New commands added to QuickExec include:

!dns targethost

!ping targethost

about:connectoids

Hotkey Support

Fiddler now permits you to register systemwide hotkeys that invoke specific QuickExec commands. For instance, edit your FiddlerScript’s Main function to add the following:

After making these changes, hitting Win+G anywhere in Windows should add a capture of the screen to the Fiddler Web Sessions list.

FiddlerCore

Along with the main Fiddler-release, I’ve also released a long-awaited update to FiddlerCore.

FiddlerCore is a .NET Class Library that you can integrate into your applications. It provides the full power of Fiddler without any of the user-interface. This update fixes many significant issues (including nearly 12 months worth of bugfixes), as well as introduces new features like a handy Tag property on the Session object. The release introduces new support terms, including a fully-supported commercial license available from Telerik. You can grab the latest bits from the FiddlerCore homepage.

Eric Lawrence

Eric Lawrence (@ericlaw) has built websites and web client software since the mid-1990s. After over a decade of working on the web for Microsoft, Eric joined Telerik in October 2012 to enhance the Fiddler Web Debugger on a full-time basis. With his recent move to Austin, Texas, Eric has now lived in the American South, North, West, and East.

Progress, Telerik, and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.